package com.crx.springbootinit.interceptor;

import com.crx.springbootinit.common.ErrorCode;
import com.crx.springbootinit.exception.BusinessException;
import com.crx.springbootinit.model.entity.User;
import com.crx.springbootinit.service.IUserService;
import com.crx.springbootinit.utils.AuthUtils;
import com.crx.springbootinit.utils.ThreadLocalUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * jwt令牌校验的拦截器
 */
@Component
@Slf4j
public class TokenUserInterceptor implements HandlerInterceptor {

    @Autowired
    private RedisTemplate redisTemplate;

    @Autowired
    private IUserService userService;
    /**
     * 校验jwt
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }

        //1、从请求头中获取令牌
        String token = request.getHeader("token");

        //2、校验令牌
        try {
            if (token == null) {
                throw new BusinessException(ErrorCode.NOT_LOGIN_ERROR);
            }
            Long userId = (Long) redisTemplate.opsForValue().get(token);
            if (userId == null) {
                throw new BusinessException(ErrorCode.NOT_LOGIN_ERROR);
            }

            // 获取登录用户
            User loginUser = userService.getLoginUser(userId);

            // 如果不存在该用户则拒绝
            if (loginUser == null) {
                throw new BusinessException(ErrorCode.NOT_LOGIN_ERROR);
            }
            // 如果被禁用则拒绝
            if (loginUser.getRoleStatus().equals(0)) {
                throw new BusinessException(ErrorCode.FORBIDDEN_ERROR);
            }
            ThreadLocalUtil.set("userId",userId);
            //3、通过，放行
            return true;
        } catch (Exception ex) {
            //4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }
    }
}
